From a2ce8897d7a7ca5e2cdbad86f52a43a49852bf9f Mon Sep 17 00:00:00 2001
From: Yordan Kinkov <yordan.kinkov@vereign.com>
Date: Thu, 24 Nov 2022 13:37:02 +0200
Subject: [PATCH] Make oauth client not required by default

---
 cmd/task/main.go          | 12 +++++++-----
 internal/config/config.go |  8 ++++----
 2 files changed, 11 insertions(+), 9 deletions(-)

diff --git a/cmd/task/main.go b/cmd/task/main.go
index df676d6..7090400 100644
--- a/cmd/task/main.go
+++ b/cmd/task/main.go
@@ -77,11 +77,13 @@ func main() {
 
 	httpClient := httpClient()
 
-	// create an HTTP Client which uses an authentication token
-	// Create an HTTP Client which uses an authentication token.
-	// The token will auto-refresh as necessary.
-	oauthCtx := context.WithValue(context.Background(), oauth2.HTTPClient, httpClient)
-	oauthClient := newOAuth2Client(oauthCtx, cfg.OAuth.ClientID, cfg.OAuth.ClientSecret, cfg.OAuth.TokenURL)
+	oauthClient := httpClient
+	if cfg.Auth.Enabled {
+		// Create an HTTP Client which automatically issues and carries an OAuth2 token.
+		// The token will auto-refresh when its expiration is near.
+		oauthCtx := context.WithValue(context.Background(), oauth2.HTTPClient, httpClient)
+		oauthClient = newOAuth2Client(oauthCtx, cfg.OAuth.ClientID, cfg.OAuth.ClientSecret, cfg.OAuth.TokenURL)
+	}
 
 	// create policy client
 	policy := policy.New(cfg.Policy.Addr, oauthClient)
diff --git a/internal/config/config.go b/internal/config/config.go
index 99d5411..baf99e5 100644
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -25,7 +25,7 @@ type httpConfig struct {
 }
 
 type authConfig struct {
-	Enabled         bool          `envconfig:"AUTH_ENABLED" default:"true"`
+	Enabled         bool          `envconfig:"AUTH_ENABLED" default:"false"`
 	JwkURL          string        `envconfig:"AUTH_JWK_URL"`
 	RefreshInterval time.Duration `envconfig:"AUTH_REFRESH_INTERVAL" default:"1h"`
 }
@@ -60,7 +60,7 @@ type metricsConfig struct {
 }
 
 type oauthConfig struct {
-	ClientID     string `envconfig:"OAUTH_CLIENT_ID" required:"true"`
-	ClientSecret string `envconfig:"OAUTH_CLIENT_SECRET" required:"true"`
-	TokenURL     string `envconfig:"OAUTH_TOKEN_URL" required:"true"`
+	ClientID     string `envconfig:"OAUTH_CLIENT_ID"`
+	ClientSecret string `envconfig:"OAUTH_CLIENT_SECRET"`
+	TokenURL     string `envconfig:"OAUTH_TOKEN_URL"`
 }
-- 
GitLab